Hi Community team,
I need your help with the following case; maybe someone has had the same issue.
I have an ASA5550 with 3 interfaces:
- DMZ, INSIDE, OUTSIDE
We have UDP syslog traffic from some hosts in the INSIDE LAN to one server in the DMZ LAN.
* When the DMZ link fails, the traffic is rerouted to the OUTSIDE interface (default route)
* The UDP connection between INSIDE and DMZ is cleared when the link to DMZ is down
* In the ASA we see a new connection through INSIDE and OUTSIDE (the server is not reachable at this moment)
* When the DMZ link is restored, the UDP connection remains through the INSIDE and OUTSIDE interfaces.
* The traffic is not rerouted to the DMZ link; this affects only UDP connections that send continuous traffic.
* The TCP connections work fine, and new connections work fine. Only the UDP connections that are always sending continuous traffic are affected
* We apply a "clear conn" to restore the UDP connections
We found some information in blogs about this issue.
* Some blogs mention the command "timeout floating-conn 0:01:00" to set the timeout timer to 1 minute
** We applied this command on the ASA; we see the same issue
* Some blogs mention using an EEM script to track events and execute an action
** We configured an EEM script to track some logs and execute a "clear conn"
** The EEM script works fine; the script applies a "clear conn" and the connections are restored
** The only question is about the performance impact on CPU and memory
We see this issue on ASA5550 and ASA5520.
I want to know if there is another solution for this issue.
I really appreciate your help.
Regards.
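As an added example (not configuration from the original post), this is how the two workarounds the post describes can be combined on an ASA so that the EEM fallback clears only the stale UDP syslog flows rather than every connection, which limits the CPU and memory impact the post asks about. The DMZ syslog server address 192.0.2.10, UDP port 514, the applet name and the use of syslog ID 411001 (interface line protocol up) as the trigger are assumptions for this illustration.

```cisco
! Assumed example, not from the original post. Placeholder values:
!   192.0.2.10 = syslog server in the DMZ, 514/udp = syslog port
!
! 1. Let the ASA itself tear down a connection whose egress route has improved
!    (the DMZ link coming back) after the flow has been idle-of-route-change for 1 minute.
timeout floating-conn 0:01:00
!
! 2. Fallback: when an interface line protocol comes back up (syslog 411001, assumed ID),
!    clear only the UDP flows to the syslog server instead of running a bare "clear conn".
!    Existing TCP sessions and all other traffic are left untouched.
event manager applet DMZ-UP-CLEAR-SYSLOG
 description Clear stale UDP syslog flows after DMZ link recovery
 event syslog id 411001
 action 1 cli command "clear conn protocol udp address 192.0.2.10 port 514"
 output none
```

Because syslog 411001 fires for any interface changing to up, the applet also runs when an unrelated link recovers; clearing a handful of UDP/514 flows in that case is harmless, but the scope of the `clear conn` filter is what keeps the action cheap.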